har-debugger

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill asks the agent to extract and report response headers and response bodies and to list relevant requests as evidence without any redaction guidance, so it could easily require printing sensitive values (cookies, tokens, API keys) verbatim from a HAR.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly parses user-provided HAR files (SKILL.md steps 2 and 5) and extracts response bodies and headers (response.content.text, response.headers) from potentially arbitrary public websites, and the agent is instructed to read and use that content to match keywords, prioritize requests, and infer root causes—allowing untrusted third-party content to influence decisions.